diff --git a/modules/aws/files/bootstrap_role_iam_policy.json.tpl b/modules/aws/files/bootstrap_role_iam_policy.json.tpl
index 66288d8..ed50a86 100644
--- a/modules/aws/files/bootstrap_role_iam_policy.json.tpl
+++ b/modules/aws/files/bootstrap_role_iam_policy.json.tpl
@@ -218,6 +218,9 @@
         "ec2:CreateSubnet",
         "ec2:CreateTags",
         "ec2:CreateVpcEndpoint",
+        "ec2:DescribeVpcPeeringConnections",
+        "ec2:CreateVpcPeeringConnection",
+        "ec2:DeleteVpcPeeringConnection",
         "ec2:Detach*",
         "ec2:Release*",
         "ec2:Revoke*",
@@ -244,6 +247,22 @@
         }
       }
     },
+    {
+      "Sid": "AcceptVpcPeering",
+      "Effect": "Allow",
+      "Action": [
+        "ec2:AcceptVpcPeeringConnection"
+      ],
+      "Resource": "*"
+    },
+    {
+      "Sid": "EndpointConnectionAccess",
+      "Effect": "Allow",
+      "Action": [
+        "ec2:*VpcEndpointConnections"
+      ],
+      "Resource": "*"
+    }
     {
       "Sid": "SSMStop",
       "Effect": "Allow",
diff --git a/modules/aws/variables.tf b/modules/aws/variables.tf
index b27ecb7..61e7972 100644
--- a/modules/aws/variables.tf
+++ b/modules/aws/variables.tf
@@ -16,7 +16,7 @@
 
 variable "sn_policy_version" {
   description = "The value of SNVersion tag"
-  default     = "3.4.0"    # x-release-please-version
+  default     = "3.6.0"    # x-release-please-version
   type        = string
 }